Description of Problem:
Our webserver is accessable through netatalk (afpd) and we use 
groups primarily to control access. Our default umask is 007, and most if not all of the dirs on 
the webserver are g+rwxs.

However, the afpd process itself did not start with a umask that 
would create the .AppleDouble dirs with write access for groups, and this led to a very hard bug 
to track down - the first person to access a particular dir would be able to read and write files 
fine, but anyone else would get a "You do not have sufficient permissions to edit this file" 
error.

However, upon looking at the webserver and reviewing a users group memberships, it 
would APPEAR that they did have sufficient access. 

Only by stracing a process with a user that 
was having the problem could I find the root cause. 



Version-Release number of selected 
component (if applicable):
1.5pre2-6

How Reproducible:
Follow the logic above and 
basically end up with an .AppleDouble dir with 
perms of rwxr-s--- and then have someone with group 
write permissions for a file try to edit the file. If they are not the owner of the .AppleDouble 
dir, they'll get the error message.

Steps to Reproduce:
1. 
2. 
3. 

Actual 
Results:


Expected Results:


Additional Information:
It may be that the error message 
you give the user can't or should not be changed - however, additional log messages would have 
been a HUGE win over having to strace the problem.

I can try to provide more details, and am 
willing to test patches if needed - I know there aren't that many sites suffering from netatalk 
anymore.	
D